Synopsis
Files could be overwritten on the remote host.
Description
The version of Opera installed on the remote host contains a file corruption vulnerability. This issue is exposed when a user is presented with a file dialog, which will cause the creation of a temporary file. It is possible to specify a relative path to another file on the system using directory traversal sequences when the download dialog is displayed. If the client user has write permissions to the attacker-specified file, it will be corrupted.
This could be exploited to delete sensitive files on the systems.
Solution
Install Opera 7.23 or newer.
Plugin Details
File Name: opera_file_corruption.nasl
Agent: windows
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:opera:opera_browser
Required KB Items: SMB/Opera/Version
Exploit Ease: No exploit is required
Vulnerability Publication Date: 12/13/2003
Reference Information
BID: 9279